KINGSPORT — The Model City will invest $140,000 in federal funds to help thwart cyber attacks and strengthen its cyber security, Kingsport officials said Wednesday.
The city’s Information Technology Department plans to buy new software and hardware, all of which will be implemented in the next six to 12 months.
“I take this kind of stuff very seriously,” Mark Woomer, director of the department, said. “I don’t want anything to happen here on my watch if I can help it.”
The pending updates come after the city of Knoxville was hit by a massive ransomware attack last June. During that incident, the city was able to continue operations, but the hijackers published personal information about employees online.
The city did not pay the ransom and ultimately was able to get its systems back online.
Kingsport officials also said they routinely see cyber attacks occur also, though it hasn’t inflicted as much damage.
“Kingsport gets hit with a with a variety of cyberattacks on a fairly regular basis, including malware, ransomware, denial of service attacks and viruses,” a city press release said.
A forensics team in the Knoxville case later determined that the attack happened due to a “phishing” email to a city employee who opened it.
City officials said a portion of the $140,000, which is coming from American Rescue Plan Act money, could also be used for training.
Woomer said the hope is to hold quarterly training sessions with city employees about cyber security. The training will cover what to do and what not to do on a computer.
“Just to increase awareness and keep people on their toes,” Woomer said. “Employees have been doing pretty well, but we don’t want to lose that awareness.”
In Bristol, Tennessee, city officials said they are doing the same.
“Our first line of defense is training our employees to recognize and respond appropriately to potential threats,” said Mary Lee Williams, director of administration for the City of Bristol. “We do this in conjunction with continuous monitoring for threats and suspicious activity by our information technology team, as well as regular upgrades to our cybersecurity infrastructure and equipment.”